Context Navigation

to =

Table of Contents

Tor inside Tor

It is possible to start a TOR session from the client as well as from the transparent proxy, creating a "tor over tor" scenario. Doing so produces undefined and potentially unsafe behavior, see "MultiTor" for more information.

Skype

Skype usage is highly discouraged. It was used for leak testing purposes only as it's very good with firewall tunneling. Skype is closed source and users have no control over the encryption keys used. Skype can therefore decrypt and monitor communications arbitrarily. It is unwise to communicate in an unsafe manner over Tor. Skype also collects a large amount of personal data and reports back to a central server. Source: ​Skype reads your BIOS.

Web-browser

Do not be tempted to use Firefox standard edition (or any other browser), even when you are protected by TorBOX. Why? The Tor Dev Team transformed Firefox into the Tor Browser, to help achieve better anonymity:

check.torproject.org may tell you that a new update is available even if there isn't. That's because Tor Check doesn't support TorBOX. Manually check for updates every now and then. (Tor and Gateway need to separately be kept up to date.)

BitTorrent

Even though p2p over TorBOX is anonymous it is still discouraged. Tor is not really designed for it and file sharing through Tor excessively wastes everyone's bandwidth.

Apt-get, other software updaters

Same as BitTorrent. Only install small and infrequent security updates via Tor. For everything else use update and install disks or offline updates.

Metadata

​metadata can be as risk. Click ​MAT and read 'What is a metadata ?' and 'Why metadata can be a risk for your privacy ?'

Writing Style Analysis

When you post some stuff online using Tor and some while you are not on Tor, you are at risk, for example if you make the same mistakes.

Exit Nodes

In the ​Tor FAQ you must read the section "Can't the third server see my traffic?". In short: every exit node can spy your unencrypted exit traffic and even worse, inject malicious code into the stream. Be aware of that.

TorBOX's Tor-Workstation is firewalled

This means:

does not support incoming connections

however, if you make an outgoing connections, the following incoming connections are accepted (web browsing, irc, etc. works)

IRC-clients

Still, for most IRC clients, unix username = default ident and a "fake" ident with leading tilde (example: "~user") is used. The ident is seen by most clients during channel join and when doing ​whois. So better be sure to change your ident before you connect to any servers.